On Tue, Sep 4, 2012 at 11:57 AM, Jay Ashworth <jra@baylink.com> wrote:
What sort of an MTA do you run on your laptop that doesn't support SMTP auth?
SMTP Auth to *arbitrary remote domains' MX servers*? Am I missing something, or are you?
You are. You should be doing SMTP Auth to *your* email server on which you have an authorized account and then letting it relay your messages to the world.
Okay, fair enough. There are no good users *expecting* to send email direct to a remote port 25 from behind a NAT. There are some good users who occasionally run slightly sloppy configurations which might attempt spurious port 25 connections.
I do, in fact, expect that. You're alleging that's a bad practice.
Yes, I am. Here's a few others.

http://security.comcast.net/get-help/spam.aspx
"Port 25 Blocking Port 25 is conduit on a computer that spammers can take control of and use to send their spam - often without the user ever knowing his/her computer has been "hijacked". Comcast works with our customers to block access to Port 25 and protect their PC. Comcast recommends that our customers establish a more secure email configuration on their PC - Port 587 - We have made it easy by creating a one-click fix that automatically configures your computers to this safer PC configuration."

http://qwest.centurylink.com/internethelp/email-troubleshooting-port25.html
"CenturyLink filters port 25 to reduce the spread of email viruses and spam (unsolicited email). Filtering port 25 has become the industry standard to reduce the spread of email viruses and spam. These email viruses allow malicious software to control infected computers. These viruses direct the infected machines to send email viruses and spam through port 25."

http://cbl.abuseat.org/nat.html
"The simplest and most effective way to stop this is to configure your NAT to prohibit connections to the Internet on port 25 except from real mail servers. Not only does this stop all of these viruses and spams dead in their tracks, the NAT logs will immediately tell you the LAN address of the infected machine."

http://tools.ietf.org/html/rfc5068
"A proactive technique used by some providers is to block all use of port 25 SMTP for mail that is being sent outbound, or to automatically redirect this traffic through a local SMTP proxy, except for hosts that are explicitly authorized."

http://www.microsoft.com/security/sir/strategy/default.aspx#!section_2_4
"Block access to port 25 from all hosts on your network other than those you explicitly authorize to perform SMTP relay functions."

Regards,
Bill Herrin

--
William D. Herrin ................ herrin@dirtside.com bill@herrin.us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004
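The NAT-log check described in the CBL excerpt quoted above, as an added example that is not part of the original message: it reads gateway log lines and counts new outbound TCP/25 connection attempts per LAN host, skipping the authorized mail server and port 587 submission traffic. The log lines, the "SMTP-EGRESS:" prefix, the `eth1` LAN interface and all addresses are constructed assumptions in Linux netfilter LOG style.

```python
import re
from collections import Counter

# Assumption: the only LAN host allowed to speak SMTP (TCP/25) to the Internet.
AUTHORIZED_RELAYS = {"192.168.1.10"}

# Constructed, abbreviated log lines in Linux netfilter LOG style. The
# "SMTP-EGRESS:" prefix and all addresses are made up for this example.
SAMPLE_LOG = """\
Sep  4 11:02:11 gw kernel: SMTP-EGRESS: IN=eth1 OUT=eth0 SRC=192.168.1.57 DST=203.0.113.25 PROTO=TCP SPT=49152 DPT=25 SYN
Sep  4 11:02:12 gw kernel: SMTP-EGRESS: IN=eth1 OUT=eth0 SRC=192.168.1.57 DST=203.0.113.80 PROTO=TCP SPT=49153 DPT=25 SYN
Sep  4 11:02:12 gw kernel: SMTP-EGRESS: IN=eth1 OUT=eth0 SRC=192.168.1.57 DST=198.51.100.4 PROTO=TCP SPT=49154 DPT=25 SYN
Sep  4 11:03:40 gw kernel: SMTP-EGRESS: IN=eth1 OUT=eth0 SRC=192.168.1.10 DST=198.51.100.7 PROTO=TCP SPT=40211 DPT=25 SYN
Sep  4 11:04:05 gw kernel: SMTP-EGRESS: IN=eth1 OUT=eth0 SRC=192.168.1.23 DST=198.51.100.9 PROTO=TCP SPT=51000 DPT=587 SYN
Sep  4 11:04:09 gw kernel: SMTP-EGRESS: IN=eth1 OUT=eth0 SRC=192.168.1.23 DST=203.0.113.25 PROTO=TCP SPT=51001 DPT=25 SYN
Sep  4 11:04:09 gw kernel: SMTP-EGRESS: IN=eth0 OUT=eth1 SRC=203.0.113.25 DST=192.168.1.10 PROTO=TCP SPT=25 DPT=40300 ACK SYN
"""

FIELD = re.compile(r"\b([A-Z]+)=(\S+)")  # KEY=value pairs such as SRC=..., DPT=...

def unauthorized_smtp_sources(log_text, relays=AUTHORIZED_RELAYS, lan_if="eth1"):
    """Count new outbound TCP/25 attempts per LAN host that is not an authorized relay."""
    hits = Counter()
    for line in log_text.splitlines():
        f = dict(FIELD.findall(line))
        flags = set(line.split())
        if f.get("IN") != lan_if or f.get("PROTO") != "TCP" or f.get("DPT") != "25":
            continue  # not LAN-originated SMTP; port 587 submission is ignored
        if "SYN" not in flags or "ACK" in flags:
            continue  # count new connection attempts only, not replies
        src = f.get("SRC")
        if src and src not in relays:
            hits[src] += 1
    return hits

if __name__ == "__main__":
    for host, n in unauthorized_smtp_sources(SAMPLE_LOG).most_common():
        print(f"{host}: {n} direct port-25 attempt(s); check this machine")
```

A host with many attempts to different destinations in a short window matches the infected-machine pattern in the quoted advice, while a single stray attempt is more consistent with the "slightly sloppy configuration" case mentioned earlier in the thread.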